British hacker arraigned for running The Real Deal dark web marketplace

Pierluigi Paganini October 27, 2022

A popular British hacker was charged by the U.S. authorities for allegedly running the ‘The Real Deal’ dark web marketplace.

The British hacker Daniel Kaye (aka Bestbuy, Spdrman, Popopret, UserL0ser) (34) was charged by the U.S. DoJ for allegedly running the ‘The Real Deal’ dark web marketplace.

The man was charged with access device fraud and money laundering conspiracy.

“Kaye allegedly operated The Real Deal, a Dark Web market for illicit items, including stolen account login credentials for U.S. government computers; stolen account login credentials for social media accounts and bank accounts; stolen credit card information; stolen personally identifiable information; illegal drugs; botnets; and computer hacking tools.” reads the press release published by DoJ. “The market was organized into categories, such as “Exploit Code,” “Counterfeits,” “Drugs,” “Fraud & More, “Government Data,” and “Weapons.””

The now-defunct Real Deal marketplace was used by crooks to sell and buy illegal goods and services, including narcotics, hacking tools and stolen login credentials.

According to the indictment, Kaye offered for sale on The Real Deal login credentials for U.S. government computers belonging to the U.S. Postal Service, the National Oceanic and Atmospheric Administration, the Centers for Disease Control and Prevention, the National Aeronautics and Space Administration, and the U.S. Navy. The man, along with other individuals of a gang known as “thedarkoverlord,” trafficked in stolen social security numbers. Kaye laundered cryptocurrency obtained from the illegal The Real Deal operation through the mixing service Bitmixer.io.

The Real Deal

“While living overseas, this defendant allegedly operated an illegal website that made hacking tools and login credentials available for purchase, including those for U.S. government agencies,” said U.S. Attorney Ryan K. Buchanan. “This case is a timely reminder, during National Cybersecurity Awareness Month, that federal law enforcement will make those accused of breaking U.S. laws face their day in court, regardless of where they reside in the world.”

Kaye also trafficked login credentials for Twitter and LinkedIn accounts. The man is suspected to have run The Real Deal marketplace between early 2015 and November 2016 when it was shut down.

Kaye made a name for himself as the developer and seller of the GovRAT malware that his “customers” used to hack U.S. government agencies [PDF].

Kaye was arrested by U.K.’s National Crime Agency (NCA) in February 2017. In June 2017, Kaye pleaded guilty in court to hijacking more than 900,000 routers from the network of Deutsche Telekom.

The man used a custom version of the Mirai IoT malware.

Kaye is also known as the author of the GovRAT malware, he offered the source code of the RAT, including a code-signing digital certificate, for nearly 4.5 Bitcoin on the TheRealDeal black market.

The man was overseas when the indictment was filed, in September 2022 he consented to his extradition from Cyprus to the U.S.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, The Real Deal)

[adrotate banner=”5″]

[adrotate banner=”13″]



you might also like

leave a comment